1. Field of the Invention
The present invention relates to an authentication vector generation device, a subscriber identity module, a mobile communication system, an authentication vector generation method, a calculation method, and a subscriber authentication method.
2. Related Background of the Invention
In IMT-2000 (International Mobile Telecommunication 2000), which is a third-generation mobile communication system, a subscriber identity module (USIM: Universal Subscriber Identity Module), issued by a network operator, a service provider or the like to which a subscriber to a mobile communication network is contracted (the mobile communication network serviced by the operator, a service provider or the like will be referred to as a “home network” hereafter), is mounted on subscriber side terminal equipment (ME: Mobile Equipment, corresponding to a mobile phone, cellular phone or other mobile device, for example), and in so doing, mutual authentication during outgoing-call, incoming-call, and so on between the home network, or a mobile communication network capable of roaming from the home network (to be referred to as a “roaming network” hereafter), and the subscriber identity module, is standardized.
In IMT-2000, the mobile communication network is constituted by an authentication vector generation device (HLR: Home Location Register) for generating an authentication vector (AV) used to authenticate the subscriber identity module, and an authentication device (VLR: Visitor Location Register) for performing authentication processing with the subscriber identity module. In IMT-2000, subscriber identity module authentication processing is performed in the following manner. First, the authentication device receives an authentication vector generated and transmitted by the authentication vector generation device, and transmits predetermined data included in the authentication vector to the subscriber identity module via the subscriber side terminal equipment. Next, on the basis of the predetermined data, a calculation is performed in the subscriber identity module using secret information and an algorithm stored in advance in the subscriber identity module. The calculation result is transmitted to the authentication device via the subscriber side terminal equipment, and verified in the authentication device to authenticate the subscriber identity module (see 3GPP TS 33. 102 V3. 13. 0 (2002-12): “3rd Generation Partnership Project (3GPP); Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 1999)” (Non-patent Document 1)).
Meanwhile, in GSM (Global System for Mobile Communications), which is a second generation mobile communication system that is compatible with IMT-2000, subscriber identity module authentication is performed in an almost identical framework to that described above, using a GSM subscriber identity module (SIM: Subscriber Identity Module). Note that it is technically possible to mount a USIM and an SIM on a single smart card (also known as a “IC (IC: Integrated Circuit) card” in Japan), and smart cards serving as subscriber identity modules having both USIM and SIM functions exist.